De­vel­op­ers can now de­liver open source com­po­nents se­curely

In an of­fi­cial blog post, CEO and co-founder of Snyk, Guy Pod­jarny, has shared that as a soft­ware ser­vice startup, the com­pany wants to con­tinue to help de­vel­op­ers find and fix vul­ner­a­bil­i­ties in their open source code, be­fore it goes into pro­duc­tion. For this pur­pose, the com­pany has an­nounced that it has suc­cess­fully closed a US$ 7 mil­lion Se­ries A round of fund­ing.

As per the blog post, over 120,000 de­vel­op­ers use Snyk to find, fix and mon­i­tor for vul­ner­a­ble li­braries. Open source li­braries pro­vide a tremen­dously valu­able re­source for de­vel­op­ers, but in to­day’s rapid fire ap­pli­ca­tion de­vel­op­ment en­vi­ron­ment, it’s not al­ways a sim­ple mat­ter to make sure you’re us­ing se­cure code.

The fund­ing was led by Bold­start Ven­tures and Canaan Part­ners.

Heavy­bit, FundFire, Peter McKay (from Veeam) and many other un­named in­vestors also par­tic­i­pated.

“The com­pany is built on the premise that the de­vel­op­ment team is uniquely suited to deal with these se­cu­rity prob­lems be­fore their pro­grams go out into the world, rather than a se­cu­rity team, which tends to be re­moved from the de­vel­op­ment process,” shared Guy Pod­jarny. “When soft­ware was built over months and years, this ap­proach worked, but at to­day’s de­vel­op­ment speed, hav­ing an out­side se­cu­rity team check­ing the soft­ware no longer makes sense,” he said.

“This fund­ing is a great tes­ta­ment to the im­por­tance of hav­ing de­vel­op­ers own se­cu­rity and the crit­i­cal need to se­cure our use of open source code. It’s also a

hum­bling show of faith in our prod­uct and team, who are trusted to de­liver and help you – our beloved users – use open source code and stay se­cure,” Pod­jarny wrote.

“We in­te­grate el­e­gantly into the de­vel­op­ment process and find known vul­ner­a­bil­i­ties in your open source el­e­ments and fix them,” Pod­jarny ex­plained. “The com­pany mon­i­tors the code right in your GitHub repos­i­tory, but if you’re con­cerned about shar­ing your open source code with a third-party com­pany, you need not worry about that,” he said, adding, “You are only giv­ing us ac­cess to man­i­fest files that dic­tate the files you are go­ing to use.”

Since Snyk sup­ports the vast ma­jor­ity of lan­guages that users need, the firm plans to cover open source li­braries for all the lan­guages in de­vel­op­ers’ code bases. The firm also in­tends to ma­ture its sup­port of­fer­ings for the more re­cently added lan­guages to match the level of sub­tle un­der­stand­ing and fix the ca­pa­bil­i­ties vet­eran lan­guages en­joy.